use serde::{Deserialize, Serialize};
use plsql_catalog::{AccessibleByTarget, GrantPrivilege, Grantee};
use plsql_core::{Confidence, Evidence, ObjectName, RoleName, SchemaName, UnknownReason, UserName};
#[derive(Clone, Copy, Debug, Default, Eq, PartialEq, Serialize, Deserialize)]
pub enum AuthorizationMode {
#[default]
Definer,
Invoker,
}
#[derive(Clone, Copy, Debug, Default, Eq, PartialEq, Serialize, Deserialize)]
pub enum GrantOption {
Grantable,
Hierarchy,
#[default]
None,
}
#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
pub struct ResolvedPrivilege {
pub object_owner: SchemaName,
pub object_name: ObjectName,
pub privilege: GrantPrivilege,
pub grantee: Grantee,
pub grant_option: GrantOption,
pub via_role: Option<RoleName>,
pub confidence: Confidence,
pub evidence: Evidence,
}
#[derive(Clone, Debug, Eq, PartialEq, Serialize, Deserialize)]
pub struct AccessControlEntry {
pub declaring_schema: SchemaName,
pub declaring_object: ObjectName,
pub allowed_callers: Vec<AccessibleByTarget>,
}
#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
pub struct CrossSchemaWrite {
pub caller_schema: SchemaName,
pub caller_object: ObjectName,
pub target_schema: SchemaName,
pub target_object: ObjectName,
pub privilege: GrantPrivilege,
pub confidence: Confidence,
pub evidence: Evidence,
pub runtime_ambiguity: Option<UnknownReason>,
}
#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
pub struct SynonymPrivilegePath {
pub synonym_schema: SchemaName,
pub synonym_name: ObjectName,
pub target_schema: SchemaName,
pub target_object: ObjectName,
pub is_public: bool,
pub confidence: Confidence,
}
#[derive(Clone, Debug, Default, PartialEq, Serialize, Deserialize)]
pub struct PrivilegeModel {
pub privileges: Vec<ResolvedPrivilege>,
pub access_control: Vec<AccessControlEntry>,
pub cross_schema_writes: Vec<CrossSchemaWrite>,
pub synonym_paths: Vec<SynonymPrivilegePath>,
pub public_grants: Vec<ResolvedPrivilege>,
pub runtime_ambiguities: Vec<AuthorizationAmbiguity>,
pub diagnostics: Vec<plsql_core::Diagnostic>,
}
#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
pub struct AuthorizationAmbiguity {
pub schema: SchemaName,
pub object: ObjectName,
pub reason: UnknownReason,
pub dependent_roles: Vec<RoleName>,
pub evidence: Evidence,
}
#[derive(Clone, Debug, Default)]
pub struct PrivilegeConfig {
pub current_schema: Option<SchemaName>,
pub current_user: Option<UserName>,
pub enabled_roles: Vec<RoleName>,
}